Lucene search
K

27433 matches found

OSV
OSV
added 2022/05/17 5:23 a.m.22 views

GHSA-7WWR-P84Q-QR3Q Typo3 Backend XSS Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in the Backend component in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.1AI score0.01613EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/17 5:23 a.m.32 views

Typo3 Backend XSS Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in the Backend component in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.7AI score0.01613EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/05/17 5:22 a.m.22 views

GHSA-V358-RVXR-WFFX Silverstripe XSS Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in SilverStripe 2.3.x before 2.3.13 and 2.4.x before 2.4.7 allow remote attackers to inject arbitrary web script or HTML via 1. a crafted string to the AbsoluteLinks 1. BigSummary 1. ContextSummary 1. EscapeXML 1. FirstParagraph 1. FirstSentence 1...

4.3CVSS5.4AI score0.01925EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2022/05/17 5:22 a.m.14 views

Silverstripe XSS Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in SilverStripe 2.3.x before 2.3.13 and 2.4.x before 2.4.7 allow remote attackers to inject arbitrary web script or HTML via 1. a crafted string to the AbsoluteLinks 1. BigSummary 1. ContextSummary 1. EscapeXML 1. FirstParagraph 1. FirstSentence 1...

4.3CVSS6AI score0.01925EPSS
Exploits1References9Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/17 5:17 a.m.17 views

MoinMoin Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the rsslink function in theme/init.py in MoinMoin before 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the page name in a rss link...

4.3CVSS5.9AI score0.02095EPSS
Exploits1References9Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/17 5:16 a.m.24 views

phpMyAdmin multiple cross-site scripting vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of 1 an event, 2 a procedure, or 3 a trigger...

3.5CVSS5.6AI score0.01449EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2022/05/17 5:7 a.m.20 views

GHSA-5GH4-V2CH-PCX4 phpMyAdmin Multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in 1 an anchor identifier to setup/index.php or 2 a chartTitle aka chart title value...

4.3CVSS6AI score0.01458EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/17 5:2 a.m.29 views

Improper Neutralization of Input During Web Page Generation in JavaMelody

Cross-site scripting XSS vulnerability in HtmlSessionInformationsReport.java in JavaMelody 1.46 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted X-Forwarded-For header...

4.3CVSS4.2AI score0.02755EPSS
Exploits1References9Affected Software1
OSV
OSV
added 2022/05/17 4:58 a.m.23 views

GHSA-XC7Q-Q62F-WCVR Apache Solr for TYPO3 (solr) extension is vulnerable to Cross-site scripting (XSS)

Cross-site scripting XSS vulnerability in the Apache Solr for TYPO3 solr extension before 2.8.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.5AI score0.01808EPSS
Exploits0References8
OSV
OSV
added 2022/05/17 4:58 a.m.8 views

GHSA-H7JC-PG2R-MQJ4 Tiki Wiki CMS Groupware Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.7CVSS5.5AI score0.01156EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/17 4:58 a.m.18 views

Tiki Wiki CMS Groupware Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01156EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/17 4:57 a.m.30 views

Apache Struts is vulnerable to Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in Apache Struts 2.3.15.3 allow remote attackers to inject arbitrary web script or HTML via the namespace parameter to 1 actionNames.action and 2 showConfig.action in config-browser/...

4.3CVSS5.7AI score0.06125EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2022/05/17 4:49 a.m.19 views

GHSA-89RQ-27XP-VGV7 Plone vulnerable to cross-site scripting

Multiple cross-site scripting XSS vulnerabilities in 1 spamProtect.py, 2 pts.py, and 3 request.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.3CVSS5.6AI score0.01807EPSS
Exploits0References7
OSV
OSV
added 2022/05/17 4:46 a.m.14 views

GHSA-6G7X-4C7M-G63M Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown

Cross-site scripting XSS vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name...

6.1CVSS5.3AI score0.02164EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2022/05/17 4:46 a.m.16 views

Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown

Cross-site scripting XSS vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name...

4.3CVSS5.6AI score0.02164EPSS
Exploits1References9Affected Software1
OSV
OSV
added 2022/05/17 4:45 a.m.6 views

GHSA-9CRX-P357-5VW8 Ajenti Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in plugins/main/content/js/ajenti.coffee in Ajenti before 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via the command field in the Cron functionality...

5.4CVSS5.3AI score0.01487EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2022/05/17 4:45 a.m.19 views

Ajenti Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in plugins/main/content/js/ajenti.coffee in Ajenti before 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via the command field in the Cron functionality...

3.5CVSS5.6AI score0.01487EPSS
Exploits1References9Affected Software1
OSV
OSV
added 2022/05/17 4:42 a.m.13 views

GHSA-F5JH-Q6MP-9C8P ImpressCMS Cross-site scripting Vulnerability

A cross-site scripting XSS vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action...

4.3CVSS5.3AI score0.01012EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2022/05/17 4:42 a.m.17 views

ImpressCMS Cross-site scripting Vulnerability

A cross-site scripting XSS vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action...

4.3CVSS5.6AI score0.01012EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/17 4:42 a.m.31 views

Djblets Cross-site scripting Vulnerability

A cross-site scripting XSS vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HTML via a user display name...

4.3CVSS5.6AI score0.02083EPSS
Exploits1References10Affected Software1
Rows per page
Query Builder